package io.micronaut.security.oauth2.endpoint.token.response;

import io.micronaut.context.annotation.Requires;
import io.micronaut.core.annotation.NonNull;
import io.micronaut.core.annotation.Nullable;
import io.micronaut.security.authentication.AuthenticationMode;
import io.micronaut.security.authentication.AuthenticationResponse;
import io.micronaut.security.authentication.UserDetails;
import io.micronaut.security.config.AuthenticationModeConfiguration;
import io.micronaut.security.oauth2.configuration.OpenIdAdditionalClaimsConfiguration;
import io.micronaut.security.oauth2.endpoint.authorization.state.State;
import io.micronaut.security.token.jwt.generator.claims.JwtClaims;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Singleton;

@Singleton
@Requires(configuration = "io.micronaut.security.token.jwt")
/* loaded from: input_file:io/micronaut/security/oauth2/endpoint/token/response/DefaultOpenIdUserDetailsMapper.class */
public class DefaultOpenIdUserDetailsMapper implements OpenIdUserDetailsMapper {
    private final OpenIdAdditionalClaimsConfiguration openIdAdditionalClaimsConfiguration;
    private final AuthenticationModeConfiguration authenticationModeConfiguration;

    @Inject
    public DefaultOpenIdUserDetailsMapper(OpenIdAdditionalClaimsConfiguration openIdAdditionalClaimsConfiguration, AuthenticationModeConfiguration authenticationModeConfiguration) {
        this.openIdAdditionalClaimsConfiguration = openIdAdditionalClaimsConfiguration;
        this.authenticationModeConfiguration = authenticationModeConfiguration;
    }

    @Deprecated
    public DefaultOpenIdUserDetailsMapper(OpenIdAdditionalClaimsConfiguration openIdAdditionalClaimsConfiguration) {
        this(openIdAdditionalClaimsConfiguration, null);
    }

    @Override // io.micronaut.security.oauth2.endpoint.token.response.OpenIdUserDetailsMapper
    @NonNull
    @Deprecated
    public UserDetails createUserDetails(String str, OpenIdTokenResponse openIdTokenResponse, OpenIdClaims openIdClaims) {
        Map<String, Object> buildAttributes = buildAttributes(str, openIdTokenResponse, openIdClaims);
        return new UserDetails(getUsername(str, openIdTokenResponse, openIdClaims), getRoles(str, openIdTokenResponse, openIdClaims), buildAttributes);
    }

    @Override // io.micronaut.security.oauth2.endpoint.token.response.OpenIdUserDetailsMapper
    @NonNull
    public AuthenticationResponse createAuthenticationResponse(String str, OpenIdTokenResponse openIdTokenResponse, OpenIdClaims openIdClaims, @Nullable State state) {
        return createUserDetails(str, openIdTokenResponse, openIdClaims);
    }

    protected Map<String, Object> buildAttributes(String str, OpenIdTokenResponse openIdTokenResponse, OpenIdClaims openIdClaims) {
        HashMap hashMap = new HashMap(openIdClaims.getClaims());
        List list = JwtClaims.ALL_CLAIMS;
        hashMap.getClass();
        list.forEach((v1) -> {
            r1.remove(v1);
        });
        hashMap.put(OauthUserDetailsMapper.PROVIDER_KEY, str);
        boolean z = this.authenticationModeConfiguration.getAuthentication() != null && this.authenticationModeConfiguration.getAuthentication() == AuthenticationMode.IDTOKEN;
        if (z || this.openIdAdditionalClaimsConfiguration.isJwt()) {
            hashMap.put(OpenIdUserDetailsMapper.OPENID_TOKEN_KEY, openIdTokenResponse.getIdToken());
        }
        if (z || this.openIdAdditionalClaimsConfiguration.isAccessToken()) {
            hashMap.put(OauthUserDetailsMapper.ACCESS_TOKEN_KEY, openIdTokenResponse.getAccessToken());
        }
        if (z || (this.openIdAdditionalClaimsConfiguration.isRefreshToken() && openIdTokenResponse.getRefreshToken() != null)) {
            hashMap.put(OauthUserDetailsMapper.REFRESH_TOKEN_KEY, openIdTokenResponse.getRefreshToken());
        }
        return hashMap;
    }

    protected List<String> getRoles(String str, OpenIdTokenResponse openIdTokenResponse, OpenIdClaims openIdClaims) {
        return Collections.emptyList();
    }

    protected String getUsername(String str, OpenIdTokenResponse openIdTokenResponse, OpenIdClaims openIdClaims) {
        return openIdClaims.getSubject();
    }
}
